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Abstract 

This paper contributes to the general understanding of the geometrical model of concur- 
rency that was named higher dimensional automata (HDAs) by Pratt and van Glabbeek. 
In particular we provide some understanding of the modal logics for such models and their 
expressive power in terms of the bisimulation that can be captured. The geometric model 
of concurrency is interesting from two main reasons: its generality and expressiveness, and 
the natural way in which autoconcurrency and action refinement are captured. Logics for 
this model, though, are not well investigated, where a simple, yet adequate, modal logic over 
HDAs was only recently introduced. As this modal logic, with two existential modalities, 
during and after, captures only split bisimulation, which is rather low in the spectrum of van 
Glabbeek and Vaandrager, the immediate question was what small extension of this logic 
could capture the more fine-grained hereditary history preserving bisimulation (hh)? 

In response, the work in this paper provides several insights. One is the fact that 
the geometrical aspect of HDAs makes it possible to use for capturing the hh-bisimulation, a 
standard modal logic that does not employ event variables, opposed to the two logics (over less 
expressive models) that we compare with. The logic that we investigate here uses standard 
backward-looking modalities (i.e., past modalities) and extends the previously introduced 
logic (called HDML) that had only forward, action-labelled, modalities. 

Since the direct proofs are rather intricate, we try to understand better the above issues 
by introducing a related model that we call ST- configuration structures, which extend the 
configuration structures of van Glabbeek and Plotkin. We relate this model to HDAs, and 
redefine and prove the earlier results in the light of this new model. These offer a different 
view on why the past modalities and geometrical concurrency capture the hereditary history 
preserving bisimulation. Additional correlating insights are also gained. 



* Details for proofs of some of the results in this paper can be found in the on-line technical report |16j . 
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Tribute to Alan Turing. Alan Turing was seeking beauty and naturalness in his work, e.g., 
with the Turing machine or the Turing test, and at the same time power of the theories and 
methods he was developing, e.g., with "the bombe". This is what makes a mathematical genius: 
beauty, power, and naturalness, that are constantly sought for when building methods for solving 
problems which most of us cannot even comprehend. Once these are achieved, then the problems 
and solutions open up like a book to the rest of us, and we read from "the book" (as Paul Erdos 
was saying) for many years to come. Our gratitude to Alan Turing can never be enough, compared 
to the benefits that we still get from his genius. 



1 Introduction 

Geometric concurrency was introduced by V. Pratt and R. van Glabbeek as the model of Higher 
Dimensional Automata two decades ago [9, 18J. This model of concurrency is more general and 
expressive than most other models like event structures or Petri nets (as studied by van Glabbeek 
|18j ) and accommodates nicely action refinement, which is a good method for building systems 
from abstract specifications and refined to gradually more concrete implementations. Moreover, 
HDAs are not constrained to only before-after modelling and expose explicitly the choices in the 
system. It is a known issue in concurrency models that the combination of causality, concurrency, 
and choice is difficult; in this respect, HDAs and Chu spaces [cUdU] do a fairly good job [T3]. 

Logics for this model, though, are not well investigated. A natural modal logic over HDAs was 
recently introduced as HDML in [13]. HDML contrasts with standard temporal/program logics in 
the fact that it can reason about what holds "during" some concurrent events are executing. A 
main question that this logic attracted was what bisimulation it captured. It turns out that this 
modal logic, with two existential modalities, during and after, captures only split bisimulation, 
cf. [03, Prop. 4. 3], which is rather low in the spectrum of van Glabbeek and Vaandrager fZT\ . 
This expressiveness lack is due to its forward-only modalities, that do not allow to look at the 
history of the concurrent execution. The natural question now is what small extension of this 
logic can capture the finest, hereditary history preserving bisimulation. This question becomes 
more interesting in the light of the fact that two recent logic developments (HIT] study concurrency 
bisimulations (including hh) over concurrency models strictly less expressive than HDAs, yet using 
event-identifier variables inside more complex modalities. 

For this, one concrete step in this paper is to define the history-aware higher dimensional modal 
logic (hHDML) which is a modal logic interpreted over higher dimensional automata (HDAs) that 
captures the hereditary history-preserving bisimulation (hh). 

The hHDML logic that we present in this paper solves the question of what is a simple and 
natural extension of HDML that captures hh-bisimulation. Compared to related works, hHDML 
does not make reference to events, but talks only about labels; i.e., hHDML does not use event 
identifiers as in [7J or more complicated event-based modalities as in [1]. On the other hand, 
hHDML uses backward looking modalities as in [7] (whereas the feature of [1] is that it is a 
forward only logic). Moreover, hHDML uses single step modalities (both the forward and the 
backward), thus not looking at entire parts of the HDA model, as the modalities of [T}[7] do (or 
Until-like modalities of temporal logics). 

The other feature of hHDML is that it is a modal logic defined over HDA, which are a model 
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of true concurrency that is more expressive than the other models on which the logics of [TJ[7] 
are defined (i.e., is more expressive than event structures or configuration structures). Therefore 
this makes it a good framework for investigating and comparing all these logics in a uniform 
manner; similar to what is done in [TS] on comparing expressiveness of concurrency models by 
embedding them into EDA (i.e., defining the exact class of EDA that they capture); or similar 
to j5] where translations are made between logics that all capture the same bisimulation. Moreover, 
the simple syntax and natural interpretation of hEDML in the style of standard modal logic makes 
it a good candidate for investigating modal characterizations of the spectrum of true concurrency 
bisimulations [EJUHJET], as was done with modal logics for standard process equivalences in [17] 
and recently using event identifier modalities in pp. 

In the second part of this paper we want to convey a better understanding of why hEDML 
over EDA can capture hh-bisimulation without referring to event variables. On top, we want to 
get more tight correlations between this logic and ED As, and the related logics over the event 
structures and configuration structures, as well as between the definitions of bisimulations over 
EDA and over the other partial order models, cf. [19J. 

For this we introduce ST- configuration structures, which are a natural extension of configuration 
structures to the setting of higher dimensional automata. Configuration structures [20J are used in 
[T9] as the most expressive model of concurrency which has a natural way of defining refinement and 
the partial order bisimulations. The notion of an ST-configuration has been used in [2T] to define 
ST-bisimulation and in [IS] in the context of EDA. But the model of ST-configuration structures, 
as we define here for capturing concurrency, does not appear elsewhere. We think that a main 
characteristic of higher dimensional automata is captured by ST-configuration structures, opposed 
to the standard configuration structures; this is the power to look at the currently executing 
concurrent events. At the level of the modal logic EDML this is the power to talk about what 
happens during the concurrent execution of one or more events. This is opposed to standard modal 
logics that talk only about what happens after the execution of one or more events. 

For ST-configuration structures we show how they are a natural extension of configuration 
structures and define related notions that steam from the later. We also define notions of steps 
and paths and define the bisimulations in this new context. We show how these relate to existing 
bisimulations for the other models. For this we first relate ST-configuration structures also to EDAs 
by identifying the corresponding class of ST-configuration structures, with the particular property 
of adjacent-closure. We also define the class of stable ST-configuration structures and relate this 
with their counterpart in stable configuration structures. The classical notions of concurrency, 
causality, and conflict are not interrelated as in the case of event structures or configuration 
structures; but are more loose, as is with EDAs. 

2 Preliminaries on Higher Dimensional Automata 

In this section we define higher dimensional automata (EDA) following the terminology of [T3"|[T%]. 
We also define additional notions like paths, adjacency, bisimulations, and the restriction to acyclic 
and cubical EDAs. 

For an intuitive understanding of the EDA model consider the standard example [T3~|rT8] pic- 
tured in Figure [TJ It represents a EDA that models two concurrent events which are labelled by a 
and b (we can also have the same label a for both events). The EDA has four states, to q$, and 
four transitions between them. This would be the standard picture for interleaving, but in the case 
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Figure 1: Example of a HDA with two concurrent events. 



of HDA there is also a square 52- Traversing through the interior of the square means that both 
events are executing. When traversing on the lower transition means that event one is executing 
but event two has not started yet, whereas, when traversing through the upper transition it means 
that event one is executing and event two has finished already. In the states there is no event 
executing; in particular, in state q$ both events have finished, whereas in state no event has 
started yet. 

Similarly, HDAs allow to represent three concurrent events through a cube, or more events 
through hypercubes. Causality of events is modelled by sticking such hypercubes one after the 
other. For our example, if we omit the interior of the square (i.e., the grey qi is removed) we are 
left with a description of a system where there is the choice between two sequences of two events, 
i.e., a;b + b; a. 

Definition 2.1 (higher dimensional automata) A cubical set H = (Q,s,t) is formed of a 
family of sets Q = U^ =0 Q n w ^ a ^ se ^ s Q n disjoint, and for each n, a family of maps Sj,tj : 
Qn -> Qn-i with 1 < % < n which respect the following cubical laws: 



In H , the s and t denote the collection of all the maps from all the families (i.e., for all n). A 
higher dimensional structure (Q,s,t, I) over an alphabet E is a cubical set together with a labelling 
function I : Qi — > £ which respects l(si(q)) = l(ti(q)) for all q G Q2 and i G {1,2}. A higher 
dimensional automaton (Q,~s,t,l, I , F) is a higher dimensional structure with two designated sets 
of initial and final cells I C Q and F C Q . 

We call the elements of Q , Qi, Q 2 , Q3 respectively states, transitions, squares, and cubes, 
whereas the general elements of Q n are called cells (also known as n-cell, n-dimensional cubes, 
or hypercubes). For a transition q G Qi the Si(q) and ti(q) represent respectively its source and 
its target cells (which are states from Qq in this case). Similarly for a general n-cell q G Q n there 
are n source cells and n target cells all of dimension n — 1. Intuitively, an n-dimensional cell q 
represents a configuration of a concurrent system in which n events are performed at the same 
time, i.e., concurrently. A source cell Si(q) represents the configuration of the system before the 
starting of the i th event, whereas the target cell U(q) represents the configuration of the system 
immediately after the termination of the i th event. A transition of Q\ represents a configuration 
of the system in which a single event is being performed. 

The cubical laws account for the geometry (concurrency) of the HDAs; there are four kinds of 
cubical laws depending on the instantiation of a and (3. For the example of Figure [1] consider the 
cubical law where a is instantiated to t and j3 to s, and i — 1 and j = 2: ^(^fe)) = ^l^ife)) • In 



a, o j3j = /3j-i o ati, l<i<j<n and a, j3 G {s, t}. 



(1) 
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the left hand side, the second source cell of q2 is, in this case, the transition 52(92) — Qi — (Qo, Qo) 
and the first target cell of q\ is ql (the only target cell because 52(92) £ Qi)', this must be 
the same cell when taking the right hand side of the cubical law, i.e., the first target cell is 
^lfe) = Qi = (?0' lo) an d the first source of qf is q$. 

The terminology that we adopt now steams from the Chu spaces representation of HDAs and 
triadic event structures [TT1[T3]. A cell q n of dimension n represents n events happening at the 
same time. Therefore we assume a set E, with \E\ = n, which for our purposes denotes the 
concurrent events. In the HDA case each event may be in three phases: not started, executing, and 
terminated (as opposed to only terminated or not started in the standard event oriented models). In 
consequence, we associate one valuation E — > {0, |, 1}, where | means executing, to each cell in the 
hypercube q n = 3 E . A hypercube (or n-cell) q n is formed of 3 n cells, which we call faces of q n ; these 
are those cells on lower levels that are connected to q n through s or t maps (F(q n ) = Uo<k<nF k (q n ) 
where F n = {q n } and F k (q n ) = {q E Q k | (q = Si(q k+1 ) or q = ti(q k +i)) and q k+1 E F k+1 }). In the 
context of a single hypercube 3 E we denote the cells of the cube by lists of \E\ elements eie 2 . . . e\E\ 
where each takes values in {0, |, 1} and represents the status of the i th event of the HDA. The 
dimension of a cell in this hypercube is equal to the number of | in its corresponding valuation. 
With the above conventions, the cells of dimension (i.e., the states of the hypercube q n ) are 
denoted by the corresponding valuation restricted to only the two values {0, 1}. 

Definition 2.2 (general labelling) Because of the condition l(si(q)) = l(ti(q)) for all q E Q2, 

all the edges e± . . . ej_i| . . . c\e\, with Cj E {0, 1} for j ^ i, have the same label. Denote this as 
the label 1^. The label of a general cell q E Q n is the multiset of n labels lj l . . . lj n where the j 's are 
exactly those indexes in the representation of q for which ej has value \. 

Definition 2.3 (paths in HDAs) A single step in a HDA is either q n -i q n with Si(q n ) = q n -i 
or q n q n _i with ti(q n ) = q n -\, where q n E Q n and g n _i E Q n -\ and 1 < % < n. A path 

n = q° q 1 q 2 -^-> ... is a sequence of single steps qi - — > q^ +1 , with a J E {sj,tj}. We say 
that q E ir iff q = qi appears in one of the steps in n. The first cell in a path is denoted stfa) and 
the ending cell in a finite path is en(n). We are interested in the observable content of a path which 

is the sequence of annotated labels of the single steps, hence we denote a single step q n ^i > q n 

when q n _i = Si{q n ) and q n q n _ 1 when q n _\ = U{q n ). We denote by n — > n' when the path 

7r' extends n by a single step labelled by a E S; the step may be either a start or a terminate step. 

Many of the results in this paper work with acyclic and cubical HDAs in the following sense. 
Such HDAs are the ones usually considered in the literature on concurrent systems and are more 
general than most of the true concurrency models [T3l[T8] . 

Definition 2.4 (acyclic and cubical HDAs) A HDA is called acyclic if no path visits a cell 
twice (i.e., no path results in cycles). An acyclic HDA is called cubical if for any cell all its faces 
are different. 

Acyclic and cubical HDAs result from the definition of HDA involving cubical complexes, and 
hence, the concurrent system is built by putting together cubes of varying dimensions to share 
some of their faces. The example of the empty square is built from cubes of dimension 1 that share 
their end point faces. The same can be said about all the examples that we give in Section 13.11 A 
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different view, that may be more appealing to a more abstract mind with aesthetic inclinations, is 
as "sculpting out" (as Pratt called it) from a big hypercube formed of all the events in the system 
(not just those that are concurrent, as is the case with a single n-cell), those of its faces that are 
not relevant. In the same example from the beginning, we would take a 2-cell and carve out its 
interior face, i.e., from level Q2. 

Definition 2.5 (adjacency and homotopy) Two finite paths tt and tt' are called /-adjacent, 

l a 1 1 a l+1 

denoted tt < — > tt , if one can be obtained from the other by replacing the segment — > q — > in 
one of the following four ways (both directions are allowed), where the path tt = q° q 1 

2 

q 2 — > . . . q m , with I < m: 

7 , s i S 3 7 S j — 1 / s i ti 7 ti , — 1 

• replace segments — > q — > and — > q — >, or — > q — > and — > q — >, or 




where i < j. Homotopy is the reflexive and transitive closure of adjacency. Two homotopic paths 
share both their end points. The homotopy class of a cell q is the set of all homotopic paths that 
end in q (and thus start in the initial cell). This is the history of q. 

Corollary 2.6 (cf. |18L sec. 7. 5]) For a path tt and a point I > 1 there exists a unique path ti' 
that is I -adjacent with tt. 

Definition 2.7 (hh-bisimulation) Two higher dimensional automata (T-LaiQa) an< ^ (^-b,Qb) 
(with q° A and q° B two initial cells) are hereditary history-preserving bisimulation equivalent (hh- 
bisimilar) if there exists a binary relation R between their paths starting at q° A respectively q° B that 
respects the following: 

a ± a ± 

1. if ttaRttb and tta — > k' a then ^tt' b with ttb — > k' b and tt' a Rtt' b ; 

a ± a ± 

2. if ttaRttb and %b — > ^b then 3tt' a with tta — > t^'a and tt' a Rtt b ; 

3. if tt a Rtt b and tta ^'a then 3tt' b with n B < — > tt' b and tt a Rtt' b ; 

4- if ttaRttb and ttb ^— — > tt'b then 3tt' a with tta tc' a and tt' a Rtt' b ; 

a ± a ± 

5. if ttaR^b and tt a — > tta then 3tt' b with tt' b — > ttb and tt' a Rtt' b ; 

a ± a ± 

6. if tt a Rtt b and tt' b — > tt b then ^tt' a with tt' a — > tt a and tt' a Rtt' b . 

Denote this as {HaAa) ~ C^b,Qb)- 
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3 History-aware Higher Dimensional Modal Logic 

We extend the higher dimensional modal logic of [H] with backward looking modalities in the style 
of past temporal logics [6] or PDL with converse [H ch.10.5]. Call this extension history-aware 
higher dimensional modal logic, for short hHDML. This logic follows the tradition and style of 
standard modal languages [2] . hHDML is a multi-modal logic with the modalities labelled from a 
finite set of action labels, which are the same E labels of the HDA that we interpret the logic over. 

Definition 3.1 (history-aware higher dimensional modal logic) A formula <p in the lan- 
guage of hHDML is constructed using the grammar below, from a set of atomic propositions, 
with (p G $b, which are combined using the propositional symbols _L and — > (from which all other 
standard propositional operations are generated), and using the forward modalities {a} and (a) and 
backward modalities {a} and (a) , all parametrized by the action labels in X. 

if := (j) | _L | if — >■ if | {a}(f | (a}f> \ {a}<p \ {a)(f 

We call {a} the during modality and (a) the after modality. The intuitive reading of {a}p is: 
"pick some event from the ones currently not running (must exist at least one not running) and 
start it; in the new configuration of the system (during which, one more event is executing) the 
formula if must hold". The intuitive reading of (a) if is: "pick some event from the ones currently 
running concurrently (must exist one running) and terminate it; in the new configuration of the 
system the formula if must hold" . 

These two modalities only make the higher dimensional modal logic of (Hj. hHDML adds the 
two new backward looking modalities {a} and (a), increasing the expressive power of HDML to the 
point that it captures the hh-bisimulation (as we prove in this section). Intuitively, if the forward 
modalities {a} and (a) were following a path, the past modalities {a} and (a) are walking on paths 
backwards (from right to left), undoing events that may have been started or terminated. 

The models of hHDML are higher dimensional structures together with a valuation function 
V : Q — > 2 $s which associates a set of atomic propositions to each cell (of any dimension). 
This means that V assigns some propositions to each state of dimension 0, to each transition of 
dimension 1, to each square of dimension 2, to each cube of dimension 3, etc. Denote a model of 
hHDML by "H = (Q, s, t, l,V). A hHDML formula is evaluated in a cell of such a model "H. 

Definition 3.2 (satisfiability) TableUl defines recursively the satisfaction relation \= of a for- 
mula ip w.r.t. a model H in a particular n-cell q (for some arbitrary n); denote this as H,q |= if. 
The notions of satisfiability and validity are defined as usual. 

The four modalities have an existential flavour. The universal correspondents are defined in the 
standard style of modal logic. We denote these modalities using square brackets; i.e., respectively 
[[a}]v?, [a](f, f{a}]</? and [a](f. The intuitive reading of ^a^ip is: ll ip holds in all those configurations 
of the system from which the current configuration can be reached by starting some event labelled 
by a". In other words, it looks at all possible ways of undoing the start of some event labelled 
with a. 

Definition 3.3 (modal equivalence) Define the hHDML modal equivalence as the relation H ~ 
between cells, s.t.: 

(U, q) h ™ ML (H\ q') tffM V :H,q^ip^ H\ q' 1= <p. 
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9? 2 iff 


V n\= \a\iD 


iff 




iff 




iff 




iff 



hHDML 



(f>eV(q). 

when "H, q \= ip-i then H,q \= f2- 
assuming q £ Q n for some n, 3q' G Q n +i s.t. 
s i(y"') — 9 f° r some 1 < i < n + 1, l(q') = l(q)a and H, q' \= (p. 
assuming q G Q n for some n, 3q' G Q n -i s.t. 
ti(g) = </ for some 1 < % < n, l(q) = l(q')a and "H, q' \= if. 
assuming q G Q n for some n, 3q' G Q n -i s.t. 
Si(q) = q' for some 1 < i < n, l(q) = l(q')a and H, q' \= if. 
assuming q G Q n for some n, 3q' G Q n +i s.t. 
ti(g') = q for some 1 < % < n + 1, l(q') = l(q)a and %, q' \= (p. 

Table 1: Semantics for hHDML. 

Two models Ha and % B are modally equivalent iff their initial cells are; i.e., iff (Ha,Ia] 
{Hb-, Ib)- 

For proving the next results we need to relate the equivalence of cells, as in the modal equiva- 
lence, with the equivalence of paths, as in the hh-bisimulation. 

We say the two paths of two HDAs are modal equivalent iff they have the same length and all 
their corresponding cells are modal equivalent. 

Proposition 3.4 {hHDML captures hh-bisimulation) The relations ~ L and ~ coincide. 

Proof: The proof that ~ is in hH ^ AL j s simpler, using reductio ad absurdum to assume a formula 
that holds on one model but not on the other, and then employ induction on the structure of the 
formula. Use the forward steps of ~ when we work with the forward modalities, and the back 
steps (5 and 6) for backward modalities. 

The proof that ~ L is in ~ is the more involved part. It shows that hH ^} 4L respects the six 
rules of being a ~ over paths. For the forward and backward rules (1,2 and 5,6) we employ the 
assumptions of image-finite (i.e., finite choices) and finite concurrency, using reductio ad absurdum 
to construct a formula that will contradict the initial assumptions. The adjacency rules (3 and 4) 
are more involved. Knowing that for each of the two initial paths there exists a unique /-adjacent 
path (cf. Corollary 12. 6j) the proof reduces to showing that these two are modal equivalent, i.e., 
that their respective cells satisfy the same formulas. We do this for each of the four /-adjacency 
replacements, using induction on / and on the dimension of the cell involved in the /-adjacency 
replacement. We also use the proof principle reductio ad absurdum and show that whenever 
assuming an "error" in the ~ that we are building using R^ L } we can change the relation so far 
by interlacing cells (or indexes of maps), so that the /-adjacency is respected. □ 



3.1 Expressiveness of hHDML through examples 

We give an intuition for the expressive power of hHDML logic interpreted over HDAs by exempli- 
fying its distinguishing power wrt. the modal equivalence. 

For each of the two systems that are compared in each example we give two presentations: one 
in the style of event structures, and the other as a HDA. The event structure style (using partial 
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Figure 2: Concurrency vs. interleaving. E |= {a}{6}T, F \£ {a}{b}T. 
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Figure 3: The limits of weak history preserving bisimulation. I E |= {o}{a}^a]]{fe}T, I F \£ 
{a}{a}MW 



orders) is displayed on the left using just labels (a,b,...) for the events and arrows (downwards) 
denoting causality between the events, and dotted lines denoting conflict. We omit arrows and 
lines that can be inferred through transitive closure, and two events that are not connected by 
any line or arrow are meant as concurrent. The HDA presentation is displayed on the right using 
squares. We represent by a black dot the fact that a square is filled in. A side of a square (i.e., a 
transition, or cell of dimension 1) is represented through a different arrow showing the direction of 
the space, to account for the fact that we omit the s and t maps. We label these arrows with the 
corresponding action label of the corresponding event that the 1-cell is supposed to model. All the 
examples, except the first two, cannot be distinguished only using the initial HDML logic; they 
require the past modalities. 

Example 3.5 (concurrency vs. interleaving) This is the standard example of how HDAs dis- 
tinguish between concurrency and interleaving, and how the original higher dimensional modal logic 
would distinguish these two. In Figure^ the system E represents a\\b whereas system F represents 
a;b + b; a. The two HDA presentations are distinguished by the hHDML formula 

V = {a}{b}T 

which holds on E but not on F in their respective initial cells. 



Example 3.6 (limits of wh-bisimulation) This example is from fig), ex. 9. 3] and shows the 
limits of wh-bisimulation, which cannot distinguish the two systems; but they can be distinguished 
by pomset-bisimulation. The two systems of this example are depicted in their partial order and 
HDA presentations in Figure For each system, the arrow in the HDA presentation that is 
labelled with a and goes out of the initial cell horizontally, corresponds to the event in the upper 
right corner of the partial order presentation. These two HDA systems are distinguished by the 
hHDML formula 

which holds on E but not on F in their respective initial cells. 
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Figure 4: ST vs. causality based bisimulations. Ie |= {a}(a){b}^(a)T , I F \t= {a}(a){b}^(a)T 



E F 




Figure 5: Absorbtion law example systems: E = (a\(b + c)) + (b\(a + c)) and F = (a\(b + c)) + 
a\b+ (b\(a + c)). 



Example 3.7 (causality vs. ST-bisimulations) This example from I21\ sec. 5. 4] shows the dif- 
ference between the ST-bisimulation and the causality based bisimulations like pomset or h-bisimulation. 
The two systems of this example are depicted in their partial order and HDA presentations in Fig- 
ure^ These two systems are indistinguishable by the ST-bisimulation but are distinguished by any 
of the causality based bisimulations because one needs to look at the history, i.e., the homotopy 
class of a cell. The two HDA presentations are distinguished by the hHDML formula 

p4{ }<a){&HS)T 
which holds on E but not on F in their respective initial cells. 



Example 3.8 (absorbtion law) The absorbtion law example is used in fi|[7P]/ to show that hh- 
bisimulation has strictly more distinguishing power than h-bisimulation; where in it is shown 
that the two examples are distinguished already by hwh-bisimulation. The two systems of this 
example are: 

E = (a\(b + c)) + (b\(a + c)) and F = (a\(b + c)) + a\b + (b\(a + c)), 

as depicted in their HDA presentation in Figure The horizontal right arrow labelled by a going 
out of either I F or Ie corresponds to the left-most a-labelled event in their respective CCS descrip- 
tion. There are no dependencies, only conflicting relations (expressed using the CCS +). These 
two HDA systems are distinguished by the hHDML formula 

PHM(I{c}TVW{c}T) 

which holds on E but not on F in their respective initial cells. 



Example 3.9 (conflicting futures) This example from |21 ex. 3] is meant there to show the need 
for quantification over event variables in conflict with previously bound events. The two systems 
of this example are depicted in their partial order and HDA presentations in Figure [3 These two 
systems are indistinguishable by the h-bisimulation but are distinguished by hh-bisimulation. The 
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Figure 6: Conflicting futures of [T]. {I E \=,I F ^} WM T v (a){b}{c}T) 

E F 




Figure 7: Example systems for non-binary conflict and event identifiers. 



horizontal right arrow going out of I E labelled with a corresponds to the right-most a-labelled event 
in E. The two HDA presentations are distinguished by the hHDML formula 

^ = HM((«4TV(a)I{c}T) 

which holds on E but not on F in their respective initial cells. 



Example 3.10 (non-binary conflict and the need for event identifiers) This example is taken 
from [7| ex. 4-8] where it is meant to illustrate that the event identifier logic indeed needs the event 
variables in order to make the distinction between the two concurrent systems which are distin- 
guishable by the hh-bisimulation ( the other examples of that paper can be distinguished by the logic 
without the need of event variables). The hHDML logic can distinguish these systems (thus, with- 
out the need of event variables). Another line that this example draws is that the HDA model can 
naturally express non-binary conflicting events. This means going beyond the expressiveness of 
prime event structures. Note that the examples of J7P|/ are all using binary conflict. These two 
HDA systems of Figure [7| are distinguished by the hHDML formula 

<p = {a}{a}([a]{a}T A (a){a}{a}{a}(a){a}(a)^{a}T) 

which holds on E but not on F in their respective initial cells. 



4 ST-configuration structures 

For a better understanding of the previous results we develop here the theory of ST-configuration 
structures. We do this along the lines drawn by Pratt p^2|fl3] . extending the configuration structures 
of van Glabbeek and Plotkin [20] starting from the notion of ST-configuration as defined in [T81I2T] . 
ST-configurations structures are a natural generalization of configuration structures to the setting 
of HDA. In this section we translate and relate to notions from HDA in ST-configuration structures, 
thus showing strong correlations between the two and eventually explaining better why the hHDML 
over HDAs captures hh-bisimulation without requiring quantification over event variables, i.e., only 
with the standard modal logic machinery. 
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Definition 4.1 (ST-configuration) An ST- configuration is a pair of sets (S, T) with the follow- 
ing property: 

(start before terminate) T C S. 

Intuitively S contains the events that have started and T the event that have terminated. 

Definition 4.2 (ST-configuration structures) An ST-configuration structure (also called ST- 
structure ) is a tuple ST = (ST, I) with ST a set of ST- configurations and I a labelling function of 
the events, I : Usesr'S' ~~ * ^> with ST satisfying the constraint: 

if {S, T) G ST then {S, S) G ST. 

The constraint above is a kind of closure so that we do not represent events that are started 
but never terminated. 

Definition 4.3 (stable ST-structures) An ST-configuration structure (ST, I) is called: 

• rooted iff (0, 0) G ST; 

• connected iffW(S,T) G ST non-empty then 3e G S s.t. either (S\ {e},T) G ST or (S,T\ 
{e}) G ST; 

• closed under bounded unions iff for {S,T),{S',T),{S",T") G ST if (S,T) U (S',T) C 
(S",T") then (S,T) U (S',T) G ST; 

• closed under bounded intersections iff for (S, T), (S', T), (S", T") G ST if (S, T) U (S', T) C 
(S",T") then (S,T) n (S',T) G ST. 

An ST-structure is called stable iff it is rooted, connected, and closed under bounded unions and 
intersections. 

Having only ST-configurations does not give us much information; in particular, we cannot 
obtain the information that an ST-trace has, cf. [2TJ def.2.5]. Therefore we define steps (or transi- 
tions) between ST-configurations. These will give the power to observe the behaviour of a system. 
We show then how to recover the information than an ST-trace has. 

Definition 4.4 (ST steps) A step between two ST-configurations is denoted (S,T) — > (S',T') 
and is defined as: 

s-step: T = T , S C S' and S' \ S = {e} and 1(e) = a; 
t-step: S = S',T Cf and T\T = {e} and 1(e) = a. 

Definition 4.5 (paths and traces) A path of an ST-configuration structure ST is a sequence 
of steps and is denoted n (overwriting the notation used for paths in HDAs). A path is rooted if 
it starts in (0,0). We generally work with rooted paths; and mention when the discourse involves 
general paths. 

For a rooted and connected ST-configuration structure ST and a path n G ST, the following 
notion of ST-trace corresponds to the one defined in I21\ def.2.5] or IT^ sec. 7. 3]. The ST-trace 
of 7i is denoted ST(n) and is the sequence of labels of the steps of n where each label is annotated 
with a if it labels an s-step or by a n if it labels a t-step, where n G N + is determined by counting 
the number of steps until the s-step that adds the event e to the S set, with e being the event that 
has been added to T in the current t-step. 
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Definition 4.6 (adjacent-closure) We say that a rooted and connected ST- configuration struc- 
ture ST is adjacent-closed if the following are respected: 

• if (S, T),(SU {e}, T),(SU {e, e'}, T) G ST, with e,e' ^ S Ae^e', then (S U {e'}, T) G ST; 

• if(S,T),(SU{e},T),(SU{e},TU{e'}) G ST, with e & SAe' & The ^ e' , then (S,TU{e'}) G 
ST; 

• if(S,T),(S,TU{e}),(S,TU{e,e'}) G ST, with e, e' <£ T A e ^ e! , then (S,TU{e'}) G ST. 

Proposition 4.7 (equivalent with adjacent-closure) A rooted and connected ST- configuration 
structure ST is called closed under single events if it respects the following: 

• V(5, T)eSTifeeS\T then (S, T U {e}) G <ST; 

• V(S, T) EST if e G S\T then (S \ {e}, T) G ST. 

A rooted and connected ST- configuration structure ST that is closed under single events is also 
adjacent- closed. 

The example of the square with the empty inside is adjacent-closed but not closed under unions 
nor under intersections. The example of the parallel switch of Winskel [22] is adjacent-closed and 
closed under unions, but not closed under intersections. The parallel switch can be pictured as 
only three sides of a cube in HDA. 

Proposition 4.8 (correspondence between HDA and ST-structures) Acyclic and cubical HDAs 
correspond to rooted, connected, and adjacent- closed ST-structures (denoted as ST(H)). 

Proof: Cells correspond to ST- configurations, where the dimension of the cell is given by the 
number of events present in S but not in T. Acyclic should be associated with the fact that we 
work with sets and each step adds events to one of the two sets S or T. The rootedness ensures 
the existence of the initial cell (with empty sets of events) and the connectedness ensures that each 
cell of dimension higher than has at least one s map. The special property of a ST-configuration 
ensures that s and t maps come in pairs. The adjacent-closure then ensures that one cell has all 
the s and t maps and that cubical laws are respected. The method of "sculpting out" cells from 
a big cell, or the sticking together of cells by identifying some of their faces, is possible because 
closure under unions and intersections is not available. Such closures, e.g., would not allow to have 
an empty square as in the examples before. □ 

Correspondence between ST-structures and plain configuration structures: 

Every configuration as in [T9l def.5.5] corresponds to an ST-configuration where S = T. To 
every ST-configuration structure ST we can associate a configuration structure by keeping only 
those ST-configurations that have S = T; i.e., C(ST) = {T \ (S, T) G ST A S = T}. 

It is easy to see that if an ST-configuration structure ST is rooted, or connected, or closed 
under bounded unions, or intersections, then the corresponding C(ST) is respectively rooted, 
connected, closed under bounded unions, or intersections. The rootedness and closure properties 
are immediate. For the connectedness just apply two times the definition for ST-configurations to 
obtain that for configuration structures. 
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But there is not a one to one correspondence between ST- configuration structures and the con- 
figurations structures because there can be several ST-structures that have the same configuration 
structure. The example is of one HDA square that is filled in and one that is not; both have the 
same set of corners and hence the same configuration structure. 

For stable ST-structures and stable configuration structures there is a one to one correspon- 
dence. One can build from a configuration structure a corresponding ST-structure by adding for 
each pair of configurations T and T U {e} the intermediate ST-configuration also; i.e., have the 
ST-configurations: (T, T), (T U {e}, T), (T U {e}, T U {e}) and then close under bounded unions 
and intersections. 

Definition 4.9 (concurrency and causality) For a particular (5, T) of an ST-configuration 
structure we define the two relations of concurrency and causality on the events of the ST- 
configuration as: 

concurrency: is denoted e\\e' and defined for e, e' G S as e\\e' iff 3(5' , T") C (5, T) : {e,e'} C 
S\T; 

causality: is denoted e < e' and is defined for e, e' G 5 : e ^ e' as e < e' iff V(5", T') C (5, T) : 
ef eS' 4ee V. 

Note that on ST-configuration structures the concurrency and causality are not interdefinable, 
but are disjoint. 

The notion of conflicting events (of cancellation as called by Pratt [T3]) is not definable for a 
specific ST-configuration because the notion of cancellation essentially says that the occurrence 
of one event cancels the others. Conflict/cancellation is a general notion definable on the whole 
ST-structure. 

Definition 4.10 (conflict) For an ST-configuration structure ST and a set of events E G ST 
the relation of global conflict is defined as j^E iff fl(S,T) G ST with ECS. 

The standard notion of binary conflict is a particular instance of the definition above, where 
E = {e, e'}. For stable ST-configuration structures, the constraints of being closed under bounded 
unions and intersections guarantees that there is no conflict for the events of a particular ST- 
configuration. 

Definition 4.11 (hh-bisimulation for ST-configuration structures) A function f is an iso- 
morphism of two ST-configurations (S,T)f(S',T') iff f is an isomorphism of S and S' that agrees 
on the T and T' sets (i.e., f \t= T'). 

For two ST-configuration structures ST and ST' , a relation R C ST x ST' x V[ST x ST') 
is called a history preserving bisimulation between ST and ST' iff (0, 0, 0) G R and whenever 
((S,T),(S',T')J)eR 

1. f is an isomorphism between (5, T) and (S',T'); 

2. if (S,T) —} (S a ,T a ) then exists (S' a ,T^) G ST' and f extending f (i.e., f \(s.t)= f) with 
(S',T>)^(S' a ,T>) and((S a ,T a ),(S' a X)J')£R; 

3. if (S',T r ) (S' a ,T^) in ST' then exists (S a ,T a ) G ST and f extending f with (S,T) 
(S a ,T a ) and((S a ,T a ),(S' a X)J')£R- 
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A history preserving bisimulation is called hereditary is the following two back conditions hold: 

4- if (S a ,T a ) (S,T) in ST then exists (S'^T^) e ST' and f with f \(s a ,T a )= f) and 
(S' a X)^(S',T') and((S a ,T a ),(S' a ,T>)J')£R- 

Proposition 4.12 For two acyclic and cubical HDAs, H and %' , their corresponding rooted, 
connected and adjacent-closed ST-structures ST(H) and ST{T-L') are hh-bisimilar (cf. Def. \4-H\) 
iff the original higher dimensional automata are hh-bisimilar (cf. Def. \2. 7\ ). 

Proof: Intuitively, the forward steps in Def. 12.7( 1 and 2) are matched in Def. 14. lll by steps (2 and 
3). The backward steps in Def. 12.7( 5 and 6) are matched by the backward step 4 in Def. 14.111 The 
/-adjacency steps in Def. 12.7( 3 and 4) correspond to the restriction 1 in Def. 14. Ill of /-isomorphism 
together with the adjacent- closure properties. □ 



Proposition 4.13 For stable ST-structures and their corresponding stable configuration structures 
the hh- bisimulation from Def. \4-ll\ corresponds to that of fT9} def .9.6]. 

The termination predicate of [191 def. 9. 6] can be defined for ST-structures also, and for HDAs 
using the set of final states/cells. The hHDML can also express if these are maximal using "'{jT 
or ->()T to say that no more events can be started or terminated in a cell/ST-configuration. 

Definition 4.14 (hHDML interpreted over ST-structures) The hHDML logic formulas are 
interpreted over a ST- configuration structure in a particular ST- configuration. The during modali- 
ties {} and {} are moving on the s-steps, forward respectively backward; whereas the after modalities 
( ) and ( ) move on the t-steps. The rest is the same as in Def. \3.2i 

Intuitively, when hHDML is interpreted in an ST-configuration (S, T) a formula {a}(f says that 
one new event labelled with a should be added to the set of started events S and the resulting 
ST-configuration should be part of the ST-structure we are working with and the formula <p should 
hold. 

Proposition 4.15 (^ hH ^ ML an( j ^ coincide over ST-structures) For rooted, connected, and 

adjacent-closed ST-configuration structures, the relations hH £ ML (Def.{31J$ and ~ (Def. \4-ll\ ) coin- 
cide. 

Proof: The more difficult part is to show that hH ^ AL satisfies the restrictions of being a ~ over 
ST-configuration structures from Def. 14.111 The changing in the map indexes, or equivalently in 
interchanging cell associations, that we were doing in Prop. 13.41 is here reflected in the change 
of the isomorphism / that the ~ is defined with. The isomorphism is changed by interchanging 
event associations. We need to change the isomorphism when problems appear from the adjacent- 
closure property of the ST-structures that we work with. This change is always possible, without 
braking the other forward and backward properties of the ~, and such that it also caters for the 
adjacent- closure property. □ 

The notion of concurrent step [T9l def.7.1] can be defined over ST-configuration structures (or 
HDAs) and captured in the hHDML logic by restricting the language of the logic to using only 
syntactic definitions of the form (A)ip interpreted in the states (cells of dimension 0) of the HDAs. 
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The syntactic definition for a multiset of labels A is (A) = {A}{A)cp where {A} is {ai} . . . {a n } with 

di E A (analogous for (A)). The concurrent steps of [HI def.7.1] become just (S,T) —t (S',T') 
with T' — T and S' = SU {a 1; . . . , a n } for a, G A, if the ST-configuration (5", T') is reachable from 
(S 1 , T) through a sequence of only s-steps. The standard Hennessy-Milner logic formulas and the 
transitions in labelled transition systems are the restriction of concurrent steps and formulas from 
above to A being a singleton set. 

5 Conclusion 

We presented the history-aware higher dimensional modal logic as a response to the question of 
what is a minimal extension in the style of standard modal logic of the previous HDML, with a 
natural interpretation over the higher dimensional automata, that can capture the hereditary his- 
tory preserving bisimulation defined for this model of concurrency. This logic with past modalities 
does not employ event variables (opposed to [HE]), but it uses the new modalities that talk about 
what happens during the concurrent execution of events (besides the standard after modalities). 

In the second part of the paper we have introduced the ST-configuration structures as a model 
of concurrency extending the configuration structures of [20] to the setting of HDAs. We have 
given various related definitions and made correlations with the similar notions from the other 
models that we relate these with, i.e., (stable) configuration structures and (acyclic and cubical) 
HDAs. The new hHDML was interpreted over these and the result of capturing hh-bisimulation 
was shown again in this new setting. 
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